DSA *dsa = NULL;
unsigned char dgst[] = "etaonrishdlc";
int r = 0;
- EVP_MD_CTX mctx;
DSA_SIG *sig = NULL;
ERR_clear_error();
- FIPS_md_ctx_init(&mctx);
dsa = FIPS_dsa_new();
if (!dsa)
goto end;
if (bad)
BN_add_word(dsa->pub_key, 1);
- if (!FIPS_digestinit(&mctx, EVP_sha256()))
- goto end;
- if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
- goto end;
- sig = FIPS_dsa_sign_ctx(dsa, &mctx);
+ sig = FIPS_dsa_sign(dsa, dgst, sizeof(dgst) -1, EVP_sha256());
if (!sig)
goto end;
- if (!FIPS_digestinit(&mctx, EVP_sha256()))
- goto end;
- if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
- goto end;
- r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
+ r = FIPS_dsa_verify(dsa, dgst, sizeof(dgst) -1, EVP_sha256(), sig);
end:
if (sig)
FIPS_dsa_sig_free(sig);
- FIPS_md_ctx_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);
if (r != 1)
unsigned char buf[256];
unsigned int slen;
BIGNUM *bn;
- EVP_MD_CTX mctx;
int r = 0;
ERR_clear_error();
- FIPS_md_ctx_init(&mctx);
key = FIPS_rsa_new();
bn = BN_new();
if (!key || !bn)
if (bad)
BN_add_word(key->n, 1);
- if (!FIPS_digestinit(&mctx, EVP_sha256()))
- goto end;
- if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
- goto end;
- if (!FIPS_rsa_sign_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
+ if (!FIPS_rsa_sign(key, input_ptext, sizeof(input_ptext) - 1, EVP_sha256(),
+ RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
goto end;
- if (!FIPS_digestinit(&mctx, EVP_sha256()))
- goto end;
- if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
- goto end;
- r = FIPS_rsa_verify_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, slen);
+ r = FIPS_rsa_verify(key, input_ptext, sizeof(input_ptext) - 1, EVP_sha256(),
+ RSA_PKCS1_PADDING, 0, NULL, buf, slen);
end:
- FIPS_md_ctx_cleanup(&mctx);
if (key)
FIPS_rsa_free(key);
if (r != 1)
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
printf("\n");
+ FIPS_rsa_free(key);
+
return 1;
}
}
rv = 1;
err:
- FIPS_drbg_uninstantiate(dctx);
+ FIPS_drbg_free(dctx);
return rv;
}
{NID_aes_256_xts, "AES-256-XTS"},
{NID_des_ede3_cbc, "DES-EDE3-CBC"},
{NID_des_ede3_ecb, "DES-EDE3-ECB"},
+ {NID_secp224r1, "P-224"},
+ {NID_sect233r1, "B-233"},
+ {NID_sect233k1, "K-233"},
{NID_X9_62_prime256v1, "P-256"},
{NID_secp384r1, "P-384"},
{NID_secp521r1, "P-521"},
{
EVP_PKEY *pkey = ex;
keytype = pkey->type;
- exstr = lookup_id(keytype);
+ if (keytype == EVP_PKEY_EC)
+ {
+ const EC_GROUP *grp;
+ int cnid;
+ grp = EC_KEY_get0_group(pkey->pkey.ec);
+ cnid = EC_GROUP_get_curve_name(grp);
+ sprintf(asctmp, "ECDSA %s", lookup_id(cnid));
+ exstr = asctmp;
+ }
+ else
+ exstr = lookup_id(keytype);
}
idstr = "Signature";
break;
idstr = "Continuous PRNG";
break;
+ case FIPS_TEST_ECDH:
+ idstr = "ECDH";
+ exstr = lookup_id(subid);
+ break;
+
default:
idstr = "Unknown";
break;
return 1;
}
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_test_suite_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
int bad_rsa = 0, bad_dsa = 0;
int do_rng_stick = 0;
int do_drbg_stick = 0;
int no_exit = 0;
int no_dh = 0;
+ char *pass = FIPS_AUTH_USER_PASS;
FIPS_post_set_callback(post_cb);
} else if (!strcmp(argv[1], "dsa")) {
fail_id = FIPS_TEST_SIGNATURE;
fail_key = EVP_PKEY_DSA;
+ } else if (!strcmp(argv[1], "ecdh")) {
+ fail_id = FIPS_TEST_ECDH;
} else if (!strcmp(argv[1], "ecdsa")) {
fail_id = FIPS_TEST_SIGNATURE;
fail_key = EVP_PKEY_EC;
do_drbg_stick = 1;
no_exit = 1;
printf("DRBG test with stuck continuous test...\n");
+ } else if (!strcmp(argv[1], "user")) {
+ pass = FIPS_AUTH_USER_PASS;
+ } else if (!strcmp(argv[1], "officer")) {
+ pass = FIPS_AUTH_OFFICER_PASS;
+ } else if (!strcmp(argv[1], "badpass")) {
+ pass = "bad invalid password";
+ } else if (!strcmp(argv[1], "nopass")) {
+ pass = "";
} else {
printf("Bad argument \"%s\"\n", argv[1]);
- exit(1);
+ return 1;
}
if (!no_exit) {
fips_algtest_init_nofips();
- if (!FIPS_module_mode_set(1)) {
+ if (!FIPS_module_mode_set(1, pass)) {
printf("Power-up self test failed\n");
- exit(1);
+ return 1;
}
printf("Power-up self test successful\n");
- exit(0);
+ return 0;
}
}
/* Power-up self test
*/
ERR_clear_error();
- test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1));
+ test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1, pass));
if (!FIPS_module_mode())
- exit(1);
+ return 1;
if (do_drbg_stick)
FIPS_drbg_stick();
if (do_rng_stick)